In this information driven world, the accepted means of access and authentication involves pre-determined factors such as passwords, smart card access etc. and such means are inevitable to maintain security. The process of discrimination through the usage of pre-determined factors in series and/or parallel between an authorized customer and an unauthorized customer is broadly referred to as authentication. Authentication can be a single factor, two factor or multi factor process wherein the process is aimed at preventing the illegitimate access to unauthorized customers in relation to secured and sensitive information.
Commonly used authentication method includes usage of passwords, smart cards, biometric based authentication and other known methods. However, these methods are always subjected to limitations such as requiring physical presence of customer in case of biometric system, misplacement and/or duplication of smart cards and the password based system suffers from a litany of issues ranging from customer forgetting the password, customer using the same string password with multiple accounts and storage/sharing of passwords at insecure servers/locations.
Other methods are available such as authentication through a static password (set up by the customer) and a dynamic password provided on a security token (a small hardware device with a screen which displays a seemingly random number that changes periodically). Such methods suffer from the drawback of infrastructure cost required to implement the system and the inconvenience to a customer in having to retrieve a token and transcribe a code every time a login is required.
Furthermore, the number of incidents have gone up wherein customer information is leaked in the public domain and exposes the risk of abuse of such information in present and future times. Thus, there exists a need for a system that controls the access to customer data without significantly burdening the customer while, at the same time, eliminating the need for complicated infrastructure implementations.